Index

S

sample listings

adding certificate to SOAP messages, 297

authentication request for time reporting system security, 501-502

banking component, 232

business class, 487-488

business code for UserReport class, 472

client class calling server, 198-199

code to read DIME attachment from SOAP message, 305-306

complete Facade class, 471-472

DataAccess class, 481-483

digitally signed SOAP message, 291-294

GetUserName function, 285-286

LDAP service class, 497-498

returning DIME attachment to SOAP response, 301-302

SaveUserReport method in facade layer, 488

SOAP client-server communications, 268-269

SOAP extension attribute class, 277-278

SOAP Web service for polling subscribing partners, 261-263

testing TransferFunds method, 232-233

ThrowComplexException method, 270-272

UserReportFacade classes, 470-471

using WS-Security username tokens, 287-290

ValidateWithdraw function, 270

verifying digitally signed SOAP body, 294-296

web.config file, 495

Web form Userreport.aspx, 492

Web service exposing authentication toward LDAP, 498-499

Web service financial account code, 266-269

Webmethod attribute, 489-490

SANs (storage area networks), 133, 362-363, 368-370

SaveUserReport method in Facade layer, 488

scalability

avoiding session state with load balancing, 96

choosing servers and, 35-36

clustering and, 60

Commerce Server and, 51

defined, 152

IIS 5.0, 334

IIS 6.0, 345-346

need for, 1-2, 72

NLB and, 63-64, 66

Web services and, 309-310

Windows 2000 Server improvements for, 37-38

Windows Server 2003 support for, 41-42, 120-121

Section 5 encoding, 256-257

Secure Communications dialog box, 450

Secure Sockets Layer (SSL), 350-351, 449-450

Secure Sockets Layer/Transport Layer Security (SSL/TLS), 143

security, 142-150. See also authentication; certificates; X509 security tokens

Active Directory, 146-147

ASP.NET elements restricting users, 495

auditing, 145-146

authentication, 143-144, 225-228, 501-502

choosing .NET Remoting or Web services for, 315

declarative, 194-195

EFS and digital signatures, 147-148

IIS 5.0 performance and, 332-333, 334-339

IIS 6.0, 346-355

implementing server certificates, 448-450

increasing concerns for, 230

input validation, 228-229

issues for enterprise application, 224-225

object-based access control, 144-145

PKI, 144, 148-150

preventing account lockouts during DoS attacks, 226

restricting access to IIS 5.0 log files, 337-339

securing Web services with WSE, 286-298

subcomponents of Windows Server 2003 subsystem, 119

time reporting system, 493-502

updating IIS 5.0, 334-335

user vs. kernel mode, 104-105

Windows Server software- and hardware-based, 103-104

WS-I specifications and support for, 280-282

Security Reference Monitor, 118

Security subsystem, 118

security tokens. See also X509 security tokens

adding username and password in SOAP header, 285-298

server-side code for retrieving, 290-291, 293

used of by WS-Security, 281

sequence diagrams, 24-25, 415-419

serialization, 212

Server Administration page (Windows Server 2003 Web Edition), 43

ServerCacheTime value, 333

servers. See also availability; .NET Enterprise Servers; virtual servers; and specific servers

availability with NLB, 63-64, 66-67

avoiding domain controllers as application, 354

client-server communications in SOAP message, 268-269

cluster monitoring, 83-85

clustering with MSCS, 68-71

general clusters, 75-76

managing with Application Center, 71-73

MSCS nodes, 68, 69

.NET Remoting communication between server object and clients, 212-214

patching IIS, 353-354

remotely managing in NLB cluster, 67

server-side code retrieving certificates from SOAP requests, 290-291, 293

types of cluster for, 60-62

VMware tests on virtual, 432-435, 439, 441-442

serviced components, 204-207

ApplicationActivation attribute, 204-205

ApplicationQueuing attribute, 205

AutoComplete attribute, 205

ConstructionEnabled attribute, 205-206

defined, 204

JustInTime Activation attribute, 206

ObjectPooling attribute, 207

Transaction attribute, 206

services-based architecture, 172

session state, 95-97

shared-nothing cluster architecture, 69, 124-125

Sharepoint Portal Server, 56

Signature element, 293-294

Simple Mail Transfer Protocol (SMTP) Service, 339

Simple Object Access Protocol. See SOAP

single-node clusters, 78

Singleton pattern, 165

Slammer virus, 334-335

smart clients, 207

SMTP (Simple Mail Transfer Protocol) Service, 339

SOAP SDK kit, 264

SOAP (Simple Object Access Protocol), 246-258. See also SOAP messages

architecture of, 248-249

authorization with SOAP extension, 276-278

EAI examples with, 11-12

exception handling in, 269-272

handling binary data, 278-279

headers, 251, 272-274

input and output filters extending, 283-286

messages in, 249-250

over HTTP, 248, 254-255

over HTTPS, 255-256

over TCP/IP, 247

polling subscribing partners, 261-263

reading streams in Extension class, 278

retrieving certificates from requests, 290-291, 293

returning DIME attachment to response, 301-302

RPC and, 256-257

SOAP extension functionality, 274-275

transactions unsupported by, 260

verifying digitally signed SOAP body, 294-296

Web service financial account example, 264-269

WSE SDK, 282-286

WS-I specifications and support for security, 280-282

SOAP extensions

about, 274-275

attribute class, 277-278

implementing Web service authorization with, 276-278

reading streams in Extension class, 278

SOAP messages, 249-255

adding certificate to, 297

architecture of, 249-250

contents of fault message, 257-258

creating complete, 261-262

digitally signed, 291-294

DIME attachments for, 279

envelope, 250-251

error messages, 257-258

fault part of, 251-252

formats for, 252-254

handling binary data, 278-279

header, 251

reading DIME attachment from, 305-306

retrieving X509 certificate from, 298

tracing, 263-264

SoapWebRequest processing, 284

socket pooling, 325

sockets, 325

software reuse, Web services and, 242

spinlocks, 115

SQL Server. See Microsoft SQL Server

SSL (Secure Sockets Layer)

configuring, 449-450

improvements IIS 6.0, 350-351

SSL/TLS (Secure Sockets Layer/Transport Layer Security), 143

stand-alone cluster, 75

Standard Edition, 44-45

State pattern, 171

states

handling for Web forms, 211

managing in .NET Remoting or Web services, 315

session, 95-97

storage area networks (SANs), 133, 362-363, 368-370

stored procedures

performance and, 187

SQL Server, 403-404

Strategy pattern, 171

stretched clusters, 129

strong passwords, 227

structural patterns, 166-169

structured exception handling, 188

subsystems of Windows Server 2003, 112-114, 117-119

Support Routines, 111-112

swap files, 110

swim lane, 19, 21

synchronizing

access to resources, 114-115

clusters, 82

synchronization methods for executive, 115

syslogins table, 405

System.EnterpriseServices

code supporting time reporting system, 469-473

referencing in application projects, 468-469

System.Runtime.Serialization.Formatter s.Binary.BinaryFormatter, 312

System.Runtime.Serialization.Formatter s.Soap.SoapFormatter, 312

System.XML.Serialization.XmlSerializer class, 313